No one can accuse the cambodia phone number data European Union of complacency when it comes to ambitious pieces of legislation intended to enhance cybersecurity across EU member states. Hot on the heels of NIS2(new window), the Digital Operational Resilience Act(new window)(DORA) aims to improve the cybersecurity and operational resilience of financial entities such as banks, insurance companies, and investment firms. Companies need to comply with the DORA by January 17, 2025.
What is DORA?
Dora is a regulation introduced by the European Union to improve the cybersecurity and operational resilience of financial entities in the EU. Much like NIS2, it aims to ensure financial institutions can withstand, respond to, and recover from all types of information and ICT-related disruptions and threats.
Businesses that fail to comply with DORA may face enormous purposes, suspension or limitation of operations, reputational damage, and increased supervision and monitoring. They will also be at increased risk of cyberattacks(new window).
As with the GDPR(new window), if your company is based outside the EU, it will still need to comply with DORA if it provides services to or operates within the European Union's financial sector. DORA applies to all financial entities and third-party service providers.